sysutils/lima: update to version 2.1.1
The default docker template still does not boot on my NetBSD host, but
the docker.lima wrapper worked for me just fine when using debian-13
instead, and installing docker.io there.
Tested on NetBSD/amd64.
Changes since version 2.1.0:
* Binary release:
- Add Windows artifacts (#4789)
* macOS guest:
- Allow unusual range of UID (#4171, thanks to @balajiv113)
* vz:
- Honor audio.device=none (#4762, thanks to @BizerNotNull)
* nerdctl:
- Update from v2.2.1 to v2.2.2 (#4787)
. This release of the nerdctl distribution updates BuildKit
[59 lines not shown]
p5-YAML-Syck: update to 1.45.
1.45 Apr 23 2026
[Bug Fixes]
- Fix: use syck_base64_free() to fix Windows "Free to wrong pool" crash
in base64 encode/decode buffers; also plugs a memory leak (PR #189)
- Fix: clear type tag on blessed scalar alias early-return so the stale
tag no longer leaks onto the next emitted item (GH #193, PR #194)
- Fix: negative float#base60 values produce wrong results; strip sign
before accumulating and avoid negative zero for portable
stringification (PR #191)
- Fix: prevent memory leaks when Load/LoadJSON croak on parse errors
(PR #192)
[Maintenance]
- Test: add coverage for SortKeys and JSON MaxDepth (PR #188)
- Test: add error handling coverage for LoadFile/DumpFile (PR #190)
- Update README
[149 lines not shown]
p5-libwww: update to 6.83.
6.83 2026-05-12 11:41:48Z
- LWP::UserAgent now strips Authorization and Proxy-Authorization headers
on cross-origin redirects (a different scheme, host, or port) to prevent
credential leakage to the redirect target. Same-origin redirects retain
credentials. Opt out with allow_credentialed_redirects => 1.
CVE-2026-8368 reported by Kai Zen; PoC and initial patch by Stig
Palmquist.
- LWP::UserAgent now refuses https to http redirects by default to prevent
leaking remaining request headers and bodies over plaintext. Opt in with
allow_downgrade => 1. Related hardening alongside CVE-2026-8368; PoC by
Stig Palmquist.
graphics/lcms2: Update to 2.19.1
This is a bugfix release.
Note that one can use cmake, but upstream has not yet declared that to
be the official build system, so decline to switch. (As usual, the
autoconf build works fine.)
kicad-*: Update to 10.0.1
KiCad 10.0.1 (2026-04-15)
The 10.0.1 stable version contains critical bug fixes and other minor
improvements since the previous release.
A list of all of the fixed issues since the 10.0.1 release can be
found on the KiCad 10.0.1 milestone page.
KiCad 10.0.0 (2026-03-20)
Most, if not all, of the new features as well as usability
improvements in KiCad 10 are described in a running thread on the
KiCad user forum. Wayne Stambaugh also presented them in his FOSDEM
2026 talk which is available to watch on the FOSDEM website. This post
highlights some of the most exciting changes, but make sure to check
out the forum post for a full list. There were also hundreds of bug
fixes, performance improvements, and other smaller changes since KiCad
9. A full list of issues addressed in KiCad 10 can be found on the
[8 lines not shown]
libspnav: Add libspnav-1.2
Libspnav is a C library for receiving input from 6 degrees-of-freedom
(6dof) input devices, also known as spacemice, spaceballs, etc. 6dof
input is very useful for fluidly manipulating objects or viewpoints in
3D space, and fundamendally comprises of relative movement
(translation) across 3 axes (TX/TY/TZ), and rotation about 3 axes
(RX/RY/RZ).
Libspnav is a counterpart to the free spacenav driver (spacenavd),
which runs as a system daemon, and handles all the low level
interfacing with the actual devices. However, it can also communicate
with the proprietary 3Dconnexion driver (3dxsrv), with reduced
functionality.
